all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attackers impersonate Romanian Gas Companies – OSINT Investigation

Add to bookmarks
Nov. 7, 2023, 2:11 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In this blog post, we’re going to look at a campaign that reveals recently created domains impersonating known Romanian gas companies.


It all started with an ad on YouTube that featured a suspicious domain related to the legitimate RoEnergy Trade Fair. The ad was voiced in Romanian using an automatic translator. The website hosted on inf24roenergy[.]pro is shown in Figure 1.


Figure 1


Using VirusTotal, we could determine which IP address the domain resolves to:


Figure 2


By pivoting using …

attackers automatic blog blog post campaign companies domain domains fair featured gas impersonating investigation malware analysis osint trade translator youtube

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 35 minutes ago | malware.news
android android apps application applications +24
Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR 35 minutes ago | malware.news
article blog community compass +11
Release Notes: YARA Search, New Rules, Config Extractors, and More an hour ago | malware.news
any.run april config data +22
2023 Activities Summary of SectorJ groups (KOR) 2 hours ago | malware.news
ransomware
ISC Stormcast For Thursday, May 2nd, 2024 https://isc.sans.edu/podcastdetail/8964, (Thu, May 2nd) 4 hours ago | malware.news
topic
Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways 6 hours ago | malware.news
ai threats article breach data +16
Analysis of TargetCompany’s Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware) 7 hours ago | malware.news
ahnlab analysis asec attacks +21
4 Easy Ways to Find Free Wi-Fi Anywhere You Go 7 hours ago | malware.news
can challenge coffee easy +10
AI's Offensive & Defensive Impacts 9 hours ago | malware.news
alto blog cybersecurity defensive +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs